Incidents

Strangers on a train

We’re always warning users to be wary of files sent via Bluetooth from unknown sources. And this is why I was so surprised during a train trip the other day – I saw first hand evidence of how trusting people are when it comes to their mobiles.

A woman sitting in front of me took a call on her smartphone. A few minutes later a man who she clearly didn’t know asked if he could have her ‘cool ringtone’. She agreed, but for some reason he couldn’t persuade his smartphone to get the file via Bluetooth. Finally he asked her to give him her phone so he could copy the file directly from the memory card. She agreed without hesitating, handed over her smartphone…he copied what he needed to copy, handed the phone back, and left the compartment.

It’s possible that I’m suffering from an excess of occupational paranoia, and that the man really was interested only in the ringtone. I can’t be sure. However, I can be sure that he had access to all the data the woman had saved, not to mention the opportunity to copy malicious programs onto her phone. Maybe I am overly paranoid – but as long as I see people continuing to be so casual about phone security, I’ll keep telling them what they’re doing wrong.

As for the woman, she didn’t just get my ideas on security – she’ll be getting a free virus scanner for her smartphone too.

Strangers on a train

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2022

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.

APT10: Tracking down LODEINFO 2022, part I

The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor.

Subscribe to our weekly e-mails

The hottest research right in your inbox